package com.demo.paypalmanagement.service;


import com.demo.paypalmanagement.model.entity.Users;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.stereotype.Service;

import javax.servlet.http.HttpServletRequest;
import java.time.LocalDateTime;

@Service
public class AuthService {

  @Autowired
  private IUsersService usersService;

  public boolean auth(HttpServletRequest request, Authentication authentication) {
    //权限认证
    //请求路径
    String requestURI = request.getRequestURI();
    Object principal = authentication.getPrincipal();

    if (principal == null || "anonymousUser".equals(principal)) {
      //未登录
      return false;
    }
    UserDetails userDetails = (UserDetails) principal;
    String role = userDetails.getAuthorities().toArray()[0].toString();
    if ("ROLE_ADMIN".equals(role)) {
      return true;
    }
    if ("ROLE_USER".equals(role)) {
      Users users = usersService.getUserByUsername(userDetails.getUsername());
      return true;
    }
    return false;
  }
}
